The present invention relates to providing services based on Internet protocol (IP) transport, such as making a connection to the Internet or making a telephone call over IP.
At present, such services are provided by access network/IP transport operators (ANO/ITO) collecting the IP traffic generated by users from various access networks (public switched telephone network (PSTN), integrated services digital network (ISDN), digital subscriber line (DSL) networks, etc.) and concentrating the traffic into an IP stream. Such collected and concentrated IP traffic is subsequently delivered in a closed model to one or more delivery points of the network of an Internet access provider (IAP) or of an IP service provider (ISP) selected by the user. In an open model, the IP traffic may be forwarded directly in a transport network as a function of the IP addresses of the destinations. In the closed model, all of the collected traffic is generally transmitted to the Internet access provider or IP service provider by using a tunnel between an IP gateway and the network of the Internet access provider or the IP service provider, where the IP gateway is, for example, of the network access server (NAS) type or of the broadband access server (BAS) type. Accompanying FIG. 1 shows the open model.
In this figure, the collecting network collects IP traffic at local level. This network comprises various types of IP gateway 3, 4 providing interfaces with existing access networks 1, 2. The low data rate gateways 3, e.g. of the NAS type, provide an interface with networks 1 of the PSTN and ISDN types, while high data rate gateways 4, e.g. of the BAS type, provide an interface for asymmetric digital subscriber line (ADSL) access via an asynchronous transfer mode (ATM) network.
The IP traffic from terminals 11 heading to IP gateways 3, 4 is encapsulated in frames complying with the point-to-point protocol (PPP). At the beginning of a connection, this protocol serves to convey the information needed for configuring the IP connection and authenticating the user terminal. This information is subsequently received by the IP gateways 3, 4, which encapsulate it in messages complying with an authentication, authorization, and accounting (AAA) protocol such as Remote Authentication Dial-In User Service (RADIUS) or Diameter, and then transmit it to an authentication proxy server 9 controlled by the operator of the access and IP transport networks. The proxy server 9 is designed to direct such authentication requests through an IP transport network 5 to an AAA server controlled by the Internet access provider 6, 7 or the IP service provider 8 requested by the user. The AAA server authenticates the user and authorizes the user to open a PPP session. At the end of an IP connection, the IP gateways 3, 4 issue a ticket containing all of the information needed for billing the user.
In that architecture (FIG. 1), the users of the IP transport network are authenticated solely by the AAA server of the Internet access or service provider 6, 7, 8 on the basis of information such as an identifier of the form “IAPid@IAPdomain” together with a password, which identifier and password are allocated by the access or service provider. As a general rule, operators (ANO/ITO) of access/IP transport networks cannot use such authentication information to identify the user, given that the information is managed by a different administrative domain. As a result the proxy server 9 cannot verify the information and therefore can do no more than forward it to the access or service provider requested by the user in order to obtain authentication of the user from the provider.
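By way of added illustration, which is not part of the original description, the following sketch shows the forwarding decision available to a proxy such as proxy server 9 when the AAA protocol is RADIUS: it parses an Access-Request, reads only the realm of the User-Name attribute, and selects the provider's AAA server, leaving the credential attribute unexamined. The realm table, the addresses, the function names and the use of a CHAP-Password attribute in the sample are assumptions made for the example.

```python
import struct

ACCESS_REQUEST, USER_NAME, CHAP_PASSWORD = 1, 1, 3   # RFC 2865 code and attribute types

# Hypothetical realm table held by the proxy: realm -> provider AAA server (constructed).
REALM_TABLE = {
    "iap-one.example": ("192.0.2.10", 1812),
    "isp-voice.example": ("192.0.2.20", 1812),
}

def parse_attributes(packet: bytes) -> dict:
    """Return {attribute type: [values]} for an Access-Request; ValueError if malformed."""
    if len(packet) < 20:
        raise ValueError("shorter than the 20-byte RADIUS header")
    code, _ident, length = struct.unpack("!BBH", packet[:4])
    if code != ACCESS_REQUEST or not 20 <= length <= len(packet):
        raise ValueError("not a well-formed Access-Request")
    attrs, pos = {}, 20
    while pos < length:
        if pos + 2 > length:
            raise ValueError("truncated attribute header")
        atype, alen = packet[pos], packet[pos + 1]
        if alen < 2 or pos + alen > length:
            raise ValueError("attribute length out of bounds")
        attrs.setdefault(atype, []).append(packet[pos + 2:pos + alen])
        pos += alen
    return attrs

def route(packet: bytes) -> tuple:
    """Pick the provider AAA server from the realm only; credentials are never examined."""
    names = parse_attributes(packet).get(USER_NAME)
    if not names:
        raise ValueError("no User-Name attribute")
    user, sep, realm = names[0].decode("utf-8").rpartition("@")
    if not sep or not user or not realm:
        raise ValueError("identifier is not of the form user@realm")
    try:
        return REALM_TABLE[realm.lower()]
    except KeyError:
        raise LookupError("no provider registered for realm " + realm) from None

def build_request(user_name: str) -> bytes:
    """Constructed sample: Access-Request with User-Name and a dummy CHAP-Password."""
    name = user_name.encode("utf-8")
    attrs = bytes([USER_NAME, len(name) + 2]) + name
    attrs += bytes([CHAP_PASSWORD, 19]) + bytes(17)   # CHAP ident + 16-byte response
    return struct.pack("!BBH", ACCESS_REQUEST, 7, 20 + len(attrs)) + bytes(16) + attrs
```

The proxy in this sketch rejects requests it cannot route, but an accepted request tells it nothing about who the user is beyond the provider-assigned identifier.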
In addition, the procedures presently implemented for establishing an IP/PPP connection via access networks 1, 2 such as PSTN, ISDN, or ADSL, do not enable the user to be authenticated at access network level.
Nevertheless there exists a need for the operators of access/IP transport networks to identify users in order to offer personalized services to users, which services are of high added value at access network level, while also providing continuity in the present collection service. As an example of such services, mention can be made of managing the mobility of roaming users, personalizing access as a function of preferences predefined by the user, or providing single multi-access billing which consists in combining on a single bill all of the accesses made by one particular user regardless of the terminal or access point used.